<?php 
//create a connection for the database
$db_host="localhost";
$db_username="root";
$db_password="golddragon";
$db_name="sasystemTables";
$tbl_name="Logins";

mysql_connect($db_host,$db_username,$db_password) or die("Can not connect.");
mysql_select_db($db_name) or die("Can't Select DB.");

// get username and password
$username=$_POST['username'];
$password=$_POST['password'];

// validate input for injection characters
$username=stripslashes($username);
$password=stripslashes($password);
$username=mysql_real_escape_string($username);
$password=mysql_real_escape_string($password);

$Studentemail_ID = "SELECT * FROM $tbl_name WHERE userID ='$username' AND password ='$password'";
$result = mysql_query($Studentemail_ID);

// Count rows
$row = mysql_num_rows($result);
// If it matched, there should be only 1 row
if($row==1)
{
//Create session for user and redirect to login_success.php
	session_register("username");
	session_register("password");
	header("location:login_success.php");
}
else
{
	echo "Wrong Username or Password";
}
?>
